On 05/20/2000 at 17:04:13 MST, "Harry Whitehouse" <[EMAIL PROTECTED]> wrote: > I am trying a simple experimental setup with a Cisco PIX 520. I have the > "outside" network card talking to my public network, and I can ping network > devices using the PIX terminal commands. The "show interfaces" command > indicates that the outside card is up and the line protocol is up. > > For the "inside", I simply took one of our NT servers, set the IP address > to > 192.168.10.44, and set the IP address of the PIX inside card to > 192.168.10.20. There is a hub between the PIX and the NT. > > But the inside is completely "dead". I don't see any activity lights on > the > inside PIX card. I can't ping the NT from the PIX terminal. I can't ping > the inside PIX card from the NT. Show interfaces indicates that the inside > card is "up", but the line protocol is down. > > It occurred to me that I need a separate and distinct router on this > "inside" network (albeit the network is quite small). No, you don't need a router on the inside. (Actually you might if you had a more extensive network, as the Pix's routing capability (not forwarding, just routing) is pathetic and worse than a typical unix host's). A machine on the same subnet as the Pix should be able to talk to it just fine. Eventually, to talk to ouside machines, you would need to set the Pix's inside interface as the default route for all other machines on that subnet. It sounds like you have a hardware problem: bad hub port, bad cable, or bad Pix ethernet interface. Try replacing each of them. If that doesn't work, post your Pix config. Tony Rall - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
